<!DOCTYPE html>
<html>
<head>
  <meta charset="utf-8">
  <title>Dxm&#39;blog</title>
  <meta name="keywords" content="">
  <meta name="description" content="Dxm&#39;blog">
    <meta name="viewport" content="width=device-width, initial-scale=1, maximum-scale=1">
<meta name="description" content="Web安全之文件上传漏洞1、编写一个上传图片的功能页面 2、针对上传的文件进行验证（后缀验证、文件头验证、文件名验证等） 3、文件上传通常会与文件解析漏洞相结合，可以收集整理存在解析漏洞的组件和相关版本，无法部署相关环境，可以学习相关技术，不用实际操作 扩展学习：学习如何绕过黑名单验证、文件头验证，如何杜绝上传图片的功能无法利用获取 shell ？ 0x01 MIME类型检测 前端界面  &lt;">
<meta property="og:type" content="article">
<meta property="og:title" content="文件上传漏洞代码">
<meta property="og:url" content="http://daoxiaom.gitee.io/2020/03/07/%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%E4%BB%A3%E7%A0%81/index.html">
<meta property="og:site_name" content="Dxm&#39;blog">
<meta property="og:description" content="Web安全之文件上传漏洞1、编写一个上传图片的功能页面 2、针对上传的文件进行验证（后缀验证、文件头验证、文件名验证等） 3、文件上传通常会与文件解析漏洞相结合，可以收集整理存在解析漏洞的组件和相关版本，无法部署相关环境，可以学习相关技术，不用实际操作 扩展学习：学习如何绕过黑名单验证、文件头验证，如何杜绝上传图片的功能无法利用获取 shell ？ 0x01 MIME类型检测 前端界面  &lt;">
<meta property="og:locale" content="en_US">
<meta property="og:image" content="http://daoxiaom.gitee.io/2020/03/07/%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%E4%BB%A3%E7%A0%81/image-20200103170055068.png">
<meta property="article:published_time" content="2020-03-06T17:06:03.000Z">
<meta property="article:modified_time" content="2020-03-06T17:25:59.326Z">
<meta property="article:author" content="dxm">
<meta property="article:tag" content="文件上传">
<meta name="twitter:card" content="summary">
<meta name="twitter:image" content="http://daoxiaom.gitee.io/2020/03/07/%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%E4%BB%A3%E7%A0%81/image-20200103170055068.png">


<link rel="icon" href="/img/avatar.jpg">

<link href="/css/style.css?v=1.0.1" rel="stylesheet">

<link href="/css/hl_theme/atom-light.css?v=1.0.1" rel="stylesheet">

<link href="//cdn.bootcss.com/animate.css/3.5.2/animate.min.css" rel="stylesheet">
<link href="//cdn.bootcss.com/font-awesome/4.7.0/css/font-awesome.min.css" rel="stylesheet">

<script src="//cdn.bootcss.com/jquery/2.2.4/jquery.min.js"></script>
<script src="/js/jquery.autocomplete.min.js?v=1.0.1" ></script>

<script src="//cdn.bootcss.com/highlight.js/9.12.0/highlight.min.js"></script>
<script>
    hljs.initHighlightingOnLoad();
</script>

<script src="//cdn.bootcss.com/nprogress/0.2.0/nprogress.min.js"></script>



<script src="//cdn.bootcss.com/jquery-cookie/1.4.1/jquery.cookie.min.js" ></script>

<script src="/js/iconfont.js?v=1.0.1" ></script>

<meta name="generator" content="Hexo 4.2.0"></head>
<div style="display: none">
  <input class="theme_disqus_on" value="false">
  <input class="theme_preload_comment" value="false">
  <input class="theme_blog_path" value="">
</div>

<body>
<aside class="nav mobile">
    <div class="nav-left">
        <a href="/" class="avatar_target">
    <img class="avatar" src="/img/avatar.jpg" />
</a>
<div class="author">
    <span>dxm</span>
</div>

<div class="icon">
    
        
        <a title="github" href="https://yshdxm.github" target="_blank">
            
                <svg class="iconfont-svg" aria-hidden="true">
                    <use xlink:href="#icon-github"></use>
                </svg>
            
        </a>
        
    
        
        <a title="email" href="mailto:sxwnysh@163.com" target="_blank">
            
                <svg class="iconfont-svg" aria-hidden="true">
                    <use xlink:href="#icon-email"></use>
                </svg>
            
        </a>
        
    
        
        <a title="qq" href="http://wpa.qq.com/msgrd?v=3&uin=623473035&site=qq&menu=yes" target="_blank">
            
                <svg class="iconfont-svg" aria-hidden="true">
                    <use xlink:href="#icon-qq"></use>
                </svg>
            
        </a>
        
    
</div>




<ul>
    <li><div class="all active">全部文章<small>(3)</small></div></li>
    
        
            
            <li><div data-rel="Web安全">Web安全<small>(2)</small></div>
                
            </li>
            
        
    
</ul>
<div class="left-bottom">
    <div class="menus">
    
    
    
    
    </div>
    <div><a  class="friends">友链</a></div>
</div>
<input type="hidden" id="yelog_site_posts_number" value="3">

<div style="display: none">
    <span id="busuanzi_value_site_uv"></span>
    <span id="busuanzi_value_site_pv"></span>
</div>

    </div>
    <div class="nav-right">
        <div class="friends-area">
    <div class="friends-title">
        友情链接
        <i class="back-title-list"></i>
    </div>
    <div class="friends-content">
        <ul>
            
            <li><a target="_blank" href="http://yelog.org/">叶落阁</a></li>
            
        </ul>
    </div>
</div>
        <div class="title-list">
    <form onkeydown="if(event.keyCode === 13){return false;}">
        <input id="local-search-input" class="search" type="text" placeholder="Search..." />
        <i class="cross"></i>
        <span>
            <label for="tagswitch">Tags:</label>
            <input id="tagswitch" type="checkbox" style="display: none" />
            <i id="tagsWitchIcon"></i>
        </span>
    </form>
    <div class="tags-list">
    
    <li class="article-tag-list-item">
        <a class="color1">web安全</a>
    </li>
    
    <li class="article-tag-list-item">
        <a class="color5">文件上传</a>
    </li>
    
    <div class="clearfix"></div>
</div>

    
    <nav id="title-list-nav">
        
        <a  class=""
           href="/2020/03/04/hello-world/"
           data-tag=""
           data-author="" >
            <span class="post-title" title="Hello World">Hello World</span>
            <span class="post-date" title="2020-03-04 14:09:03">2020/03/04</span>
        </a>
        
        <a  class="Web安全 "
           href="/2020/03/04/web%E5%AE%89%E5%85%A8%E4%B9%8B%E6%96%87%E4%BB%B6%E5%8C%85%E5%90%AB%E6%BC%8F%E6%B4%9E/"
           data-tag="web安全"
           data-author="" >
            <span class="post-title" title="web安全之文件包含漏洞">web安全之文件包含漏洞</span>
            <span class="post-date" title="2020-03-04 15:35:11">2020/03/04</span>
        </a>
        
        <a  class="Web安全 "
           href="/2020/03/07/%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E%E4%BB%A3%E7%A0%81/"
           data-tag="文件上传"
           data-author="" >
            <span class="post-title" title="文件上传漏洞代码">文件上传漏洞代码</span>
            <span class="post-date" title="2020-03-07 01:06:03">2020/03/07</span>
        </a>
        
    </nav>
</div>
    </div>
    <div class="hide-list">
        <div class="semicircle">
            <div class="brackets first"><</div>
            <div class="brackets">&gt;</div>
        </div>
    </div>
</aside>
<div class="post index">
    <div class="pjax">
        <article class="index">
            <div class="toc-ref">
    
        <ol class="toc"><li class="toc-item toc-level-1"><a class="toc-link" href="#Hacking"><span class="toc-text">Hacking</span></a><ol class="toc-child"><li class="toc-item toc-level-3"><a class="toc-link" href="#信息情报"><span class="toc-text">信息情报</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#论坛"><span class="toc-text">论坛</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#搜索引擎"><span class="toc-text">搜索引擎</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#国外博客"><span class="toc-text">国外博客</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#红队"><span class="toc-text">红队</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#exploit"><span class="toc-text">exploit</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#APT"><span class="toc-text">APT</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#在线沙盒"><span class="toc-text">在线沙盒</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#OWASP"><span class="toc-text">OWASP</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#windows漏洞利用开发"><span class="toc-text">windows漏洞利用开发</span></a></li><li class="toc-item toc-level-3"><a class="toc-link" href="#编程"><span class="toc-text">编程</span></a></li></ol></li><li class="toc-item toc-level-2"><a class="toc-link" href="#黑苹果"><span class="toc-text">黑苹果</span></a></li><li class="toc-item toc-level-2"><a class="toc-link" href="#推荐的公众号"><span class="toc-text">推荐的公众号</span></a></li></ol></li></ol>
    
<style>
    .left-col .switch-btn,
    .left-col .switch-area {
        display: none;
    }
    .toc-level-3 i,
    .toc-level-3 ol {
        display: none !important;
    }
</style>
</div>
            <ul>
<li><h1 id="Hacking"><a href="#Hacking" class="headerlink" title="Hacking"></a>Hacking</h1><h3 id="信息情报"><a href="#信息情报" class="headerlink" title="信息情报"></a>信息情报</h3><ul>
<li><a href="https://www.freebuf.com/" target="_blank" rel="noopener">Freebuf</a></li>
<li><a href="https://start.me/p/X20Apn" target="_blank" rel="noopener">听风者资源情报</a></li>
<li><a href="https://www.anquanke.com/" target="_blank" rel="noopener">安全客 - 安全资讯平台</a></li>
<li><a href="https://bowen.navisec.it/" target="_blank" rel="noopener">网络安全博客 NaviSec.it – 纳威安全导航 | 网络安全导航</a></li>
<li><a href="https://www.sec-wiki.com/" target="_blank" rel="noopener">安全维基</a></li>
</ul>
<h3 id="论坛"><a href="#论坛" class="headerlink" title="论坛"></a>论坛</h3><ul>
<li><a href="https://xz.aliyun.com/" target="_blank" rel="noopener">先知社区</a></li>
<li><a href="https://www.t00ls.net/" target="_blank" rel="noopener">T00LS | 低调求发展 - 潜心习安全 - T00ls.Net</a></li>
<li><a href="https://www.shentoushi.top/index.php/Go/?url=https://bithack.io/&LinkId=453" target="_blank" rel="noopener">通证化安全生态技术社区</a></li>
</ul>
<h3 id="搜索引擎"><a href="#搜索引擎" class="headerlink" title="搜索引擎"></a>搜索引擎</h3><ul>
<li><a href="https://www.zoomeye.org/" target="_blank" rel="noopener">钟馗之眼</a></li>
<li><a href="https://www.shodan.io/" target="_blank" rel="noopener">shodan</a></li>
<li><a href="https://fofa.so/" target="_blank" rel="noopener">FOFA网络空间测绘系统</a></li>
<li><a href="https://www.google.com/" target="_blank" rel="noopener">Google</a></li>
</ul>
<h3 id="国外博客"><a href="#国外博客" class="headerlink" title="国外博客"></a>国外博客</h3><ul>
<li><a href="http://www.fuzzysecurity.com/" target="_blank" rel="noopener">FuzzySecurity | Home</a></li>
<li><a href="http://www.hackingarticles.in/" target="_blank" rel="noopener">Hacking Articles - Raj Chandel’s Blog</a></li>
<li><a href="https://r00tk1ts.github.io/" target="_blank" rel="noopener">r00tk1t’s blog</a></li>
<li><a href="http://niiconsulting.com/" target="_blank" rel="noopener">Cyber Security Consulting India UAE USA | Cyber Security Services</a></li>
<li><a href="https://highon.coffee/" target="_blank" rel="noopener">HighOn.Coffee • Security Research • Penetration Testing Blog</a></li>
<li><a href="https://unit42.paloaltonetworks.com/" target="_blank" rel="noopener">Unit 42 - Latest Cyber Security Research | Palo Alto Networks</a></li>
<li><a href="https://threat.tevora.com/" target="_blank" rel="noopener">Threat Blog</a></li>
<li><a href="https://pentester.land/" target="_blank" rel="noopener">Pentester Land · Offensive Infosec</a></li>
<li><a href="https://pentest.blog/" target="_blank" rel="noopener">Pentest Blog – Inn for security folks</a></li>
<li><a href="https://astr0baby.wordpress.com/" target="_blank" rel="noopener">Astr0baby’s not so random thoughts <strong>_</strong> rand() % 100; | @astr0baby on Twitter for fresh randomness</a></li>
<li><a href="https://www.hackingarticles.in/" target="_blank" rel="noopener">Hacking Articles - Raj Chandel’s Blog</a></li>
<li><a href="https://lsdsecurity.com/" target="_blank" rel="noopener">Logan S Diomedi – lsdsecurity – A personal repository of security writeups and projects I put together…</a></li>
<li><a href="https://devco.re/blog/" target="_blank" rel="noopener">最新訊息 News | DEVCORE 戴夫寇爾</a></li>
<li><a href="https://www.fortinet.com/blog" target="_blank" rel="noopener">Fortinet Blog</a></li>
<li><a href="http://www.greyhathacker.net/" target="_blank" rel="noopener">GreyHatHacker.NET | Malware, Vulnerabilities, Exploits and more . . .</a></li>
</ul>
<h3 id="红队"><a href="#红队" class="headerlink" title="红队"></a>红队</h3><ul>
<li><a href="https://ired.team/" target="_blank" rel="noopener">What is this? - Red Teaming Experiments</a></li>
<li><a href="https://pentestlab.blog/" target="_blank" rel="noopener">Penetration Testing Lab | Offensive Techniques &amp; Methodologies</a></li>
<li><a href="https://github.com/sbilly/awesome-security" target="_blank" rel="noopener">GitHub - sbilly/awesome-security: A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.</a></li>
<li><a href="https://github.com/foobarto/redteam-notebook" target="_blank" rel="noopener">GitHub - foobarto/redteam-notebook: Collection of commands, tips and tricks and references I found useful during preparation for OSCP exam.</a></li>
<li><a href="https://www.peerlyst.com/posts/the-red-team-wiki-chiheb-chebbi?utm_source=twitter&utm_medium=social&utm_content=peerlyst_post&utm_campaign=peerlyst_shared_post" target="_blank" rel="noopener">Peerlyst</a></li>
<li><a href="https://github.com/shr3ddersec/Shr3dKit" target="_blank" rel="noopener">GitHub - shr3ddersec/Shr3dKit: Red Team Tool Kit</a></li>
<li><a href="https://blog.sublimesecurity.com/" target="_blank" rel="noopener">Sublime Thoughts</a></li>
<li><a href="https://hunter2.gitbook.io/" target="_blank" rel="noopener">Darth Sidious - DarthSidious</a></li>
</ul>
<h3 id="exploit"><a href="#exploit" class="headerlink" title="exploit"></a>exploit</h3><ul>
<li><a href="https://www.exploit-db.com/" target="_blank" rel="noopener">Exploit Database - Exploits for Penetration Testers, Researchers, and Ethical Hackers</a></li>
<li><a href="https://packetstormsecurity.com/files/tags/exploit/" target="_blank" rel="noopener">Exploit Files ≈ Packet Storm</a></li>
<li><a href="https://github.com/SecWiki/windows-kernel-exploits" target="_blank" rel="noopener">GitHub - SecWiki/windows-kernel-exploits: windows-kernel-exploits Windows平台提权漏洞集合</a></li>
<li><a href="https://github.com/SecWiki/linux-kernel-exploits" target="_blank" rel="noopener">GitHub - SecWiki/linux-kernel-exploits: linux-kernel-exploits Linux平台提权漏洞集合</a></li>
<li><a href="https://github.com/CIAYSE/LinuxFlaw" target="_blank" rel="noopener">GitHub - CIAYSE/LinuxFlaw: This repo records all the vulnerabilities of linux software I have reproduced in my local workspace</a></li>
<li><a href="https://bugs.hacking8.com/tiquan/" target="_blank" rel="noopener">提权辅助网页</a></li>
</ul>
<h3 id="APT"><a href="#APT" class="headerlink" title="APT"></a>APT</h3><ul>
<li><a href="https://ti.qianxin.com/blog/articles/oceanlotus-attacks-to-indochinese-peninsula-evolution-of-targets-techniques-and-procedure/" target="_blank" rel="noopener">奇安信威胁情报中心</a></li>
<li><a href="https://github.com/blackorbird/APT_REPORT" target="_blank" rel="noopener">GitHub - blackorbird/APT_REPORT: Interesting apt report collection and some special ioc express</a></li>
<li><a href="https://github.com/CyberMonitor/APT_CyberCriminal_Campagin_Collections/blob/master/README.md" target="_blank" rel="noopener">APT_CyberCriminal_Campagin_Collections/README.md at master · CyberMonitor/APT_CyberCriminal_Campagin_Collections · GitHub</a></li>
<li><a href="https://github.com/StrangerealIntel/CyberThreatIntel" target="_blank" rel="noopener">GitHub - StrangerealIntel/CyberThreatIntel: Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups</a></li>
<li><a href="https://mp.weixin.qq.com/s/qv3pYEzi08DMydqUj1dSRw" target="_blank" rel="noopener">威胁情报</a></li>
</ul>
<h3 id="在线沙盒"><a href="#在线沙盒" class="headerlink" title="在线沙盒"></a>在线沙盒</h3><ul>
<li><a href="https://app.any.run/" target="_blank" rel="noopener">Interactive Online Malware Analysis Sandbox - ANY.RUN</a></li>
</ul>
<h3 id="OWASP"><a href="#OWASP" class="headerlink" title="OWASP"></a>OWASP</h3><ul>
<li><a href="https://www.owasp.org/" target="_blank" rel="noopener">OWASP</a></li>
</ul>
<h3 id="windows漏洞利用开发"><a href="#windows漏洞利用开发" class="headerlink" title="windows漏洞利用开发"></a>windows漏洞利用开发</h3><ul>
<li><a href="http://niiconsulting.com/checkmate/2018/02/malware-development-welcome-dark-side-part-2-1/" target="_blank" rel="noopener">Malware Development – Welcome to the Dark Side: Part 2-1 – Checkmate</a></li>
</ul>
<h3 id="编程"><a href="#编程" class="headerlink" title="编程"></a>编程</h3><ul>
<li><a href="https://github.com/Jessicahust/books" target="_blank" rel="noopener">GitHub - Jessicahust/books: 研究生看过的书籍</a></li>
<li><a href="https://www.runoob.com/" target="_blank" rel="noopener">菜鸟教程 - 学的不仅是技术，更是梦想！</a></li>
</ul>
<h2 id="黑苹果"><a href="#黑苹果" class="headerlink" title="黑苹果"></a>黑苹果</h2><ul>
<li><a href="https://blog.daliansky.net/" target="_blank" rel="noopener">黑果小兵的部落阁</a></li>
</ul>
<h2 id="推荐的公众号"><a href="#推荐的公众号" class="headerlink" title="推荐的公众号"></a>推荐的公众号</h2><ul>
<li>即刻安全</li>
<li>黑鸟</li>
<li>黑白之道</li>
<li>安全祖师爷</li>
<li>雷神众测</li>
<li>黑白二进制</li>
</ul>
</li>
</ul>

        </article>
        
        <p>
            <a  class="dashang" onclick="dashangToggle()">赏</a>
        </p>
        
        
    </div>
    <div class="copyright">
        <p class="footer-entry">©2020-2023 Ysh</p>
<p class="footer-entry">Built with <a href="https://hexo.io/" target="_blank">Hexo</a> and <a href="https://github.com/yelog/hexo-theme-3-hexo" target="_blank">3-hexo</a> theme</p>

    </div>
    <div class="full-toc">
        <button class="full"><span class="min "></span></button>
<button class="post-toc-menu"><span class="post-toc-menu-icons"></span></button>
<div class="post-toc"><span class="post-toc-title">目录</span>
    <div class="post-toc-content">

    </div>
</div>
<a class="" id="rocket" ></a>

    </div>
</div>
<div class="acParent"></div>

<div class="hide_box" onclick="dashangToggle()"></div>
<div class="shang_box">
    <a class="shang_close"  onclick="dashangToggle()">×</a>
    <div class="shang_tit">
        <p>喜欢就点赞,疼爱就打赏</p>
    </div>
    <div class="shang_payimg">
        <div class="pay_img">
            <img src="/img/alipay.jpg" class="alipay" title="扫码支持">
            <img src="/img/weixin.jpg" class="weixin" title="扫码支持">
        </div>
    </div>
    <div class="shang_payselect">
        <span><label><input type="radio" name="pay" checked value="alipay">支付宝</label></span><span><label><input type="radio" name="pay" value="weixin">微信</label></span>
    </div>
</div>


</body>
<script src="/js/jquery.pjax.js?v=1.0.1" ></script>

<script src="/js/script.js?v=1.0.1" ></script>
<script>
    var img_resize = 'default';
    /*作者、标签的自动补全*/
    $(function () {
        $('.search').AutoComplete({
            'data': ['#web安全','#文件上传',],
            'itemHeight': 20,
            'width': 418
        }).AutoComplete('show');
    })
    function initArticle() {
        /*渲染对应的表格样式*/
        
            $(".post .pjax table").addClass("green_title");
        

        /*渲染打赏样式*/
        
        $("input[name=pay]").on("click", function () {
            if($("input[name=pay]:checked").val()=="weixin"){
                $(".shang_box .shang_payimg .pay_img").addClass("weixin_img");
            } else {
                $(".shang_box .shang_payimg .pay_img").removeClass("weixin_img");
            }
        })
        

        /*高亮代码块行号*/
        
        $('pre code').each(function(){
            var lines = $(this).text().split('\n').length - 1, widther='';
            if (lines>99) {
                widther = 'widther'
            }
            var $numbering = $('<ul/>').addClass('pre-numbering ' + widther).attr("unselectable","on");
            $(this).addClass('has-numbering ' + widther)
                    .parent()
                    .append($numbering);
            for(var i=1;i<=lines;i++){
                $numbering.append($('<li/>').text(i));
            }
        });
        

        /*访问数量*/
        
        $.getScript("//busuanzi.ibruce.info/busuanzi/2.3/busuanzi.pure.mini.js");
        

        /*代码高亮，行号对齐*/
        $('.pre-numbering').css('line-height',$('.has-numbering').css('line-height'));

        
        
    }

    /*打赏页面隐藏与展示*/
    
    function dashangToggle() {
        $(".shang_box").fadeToggle();
        $(".hide_box").fadeToggle();
    }
    

</script>

<!--加入行号的高亮代码块样式-->

<style>
    pre{
        position: relative;
        margin-bottom: 24px;
        border-radius: 10px;
        border: 1px solid #e2dede;
        background: #FFF;
        overflow: hidden;
    }
    code.has-numbering{
        margin-left: 30px;
    }
    code.has-numbering.widther{
        margin-left: 35px;
    }
    .pre-numbering{
        margin: 0px;
        position: absolute;
        top: 0;
        left: 0;
        width: 20px;
        padding: 0.5em 3px 0.7em 5px;
        border-right: 1px solid #C3CCD0;
        text-align: right;
        color: #AAA;
        background-color: #fafafa;
    }
    .pre-numbering.widther {
        width: 35px;
    }
</style>

<!--自定义样式设置-->
<style>
    
    
    .nav {
        width: 542px;
    }
    .nav.fullscreen {
        margin-left: -542px;
    }
    .nav-left {
        width: 120px;
    }
    
    
    @media screen and (max-width: 1468px) {
        .nav {
            width: 492px;
        }
        .nav.fullscreen {
            margin-left: -492px;
        }
        .nav-left {
            width: 100px;
        }
    }
    
    
    @media screen and (max-width: 1024px) {
        .nav {
            width: 492px;
            margin-left: -492px
        }
        .nav.fullscreen {
            margin-left: 0;
        }
        .nav .hide-list.fullscreen {
            left: 492px
        }
    }
    
    @media screen and (max-width: 426px) {
        .nav {
            width: 100%;
        }
        .nav-left {
            width: 100%;
        }
    }
    
    
    .nav-right .title-list nav a .post-title, .nav-right .title-list #local-search-result a .post-title {
        color: #383636;
    }
    
    
    .nav-right .title-list nav a .post-date, .nav-right .title-list #local-search-result a .post-date {
        color: #5e5e5f;
    }
    
    
    .nav-right nav a.hover, #local-search-result a.hover{
        background-color: #e2e0e0;
    }
    
    

    /*列表样式*/
    
    .post .pjax article .article-entry>ol, .post .pjax article .article-entry>ul, .post .pjax article>ol, .post .pjax article>ul{
        border: #e2dede solid 1px;
        border-radius: 10px;
        padding: 10px 32px 10px 56px;
    }
    .post .pjax article .article-entry li>ol, .post .pjax article .article-entry li>ul,.post .pjax article li>ol, .post .pjax article li>ul{
        padding-top: 5px;
        padding-bottom: 5px;
    }
    .post .pjax article .article-entry>ol>li, .post .pjax article .article-entry>ul>li,.post .pjax article>ol>li, .post .pjax article>ul>li{
        margin-bottom: auto;
        margin-left: auto;
    }
    .post .pjax article .article-entry li>ol>li, .post .pjax article .article-entry li>ul>li,.post .pjax article li>ol>li, .post .pjax article li>ul>li{
        margin-bottom: auto;
        margin-left: auto;
    }
    

    /* 背景图样式 */
    
    


    /*引用块样式*/
    

    /*文章列表背景图*/
    
    .nav-right:before {
        content: ' ';
        display: block;
        position: absolute;
        left: 0;
        top: 0;
        width: 100%;
        height: 100%;
        opacity: 0.3;
        background: url("https://i.loli.net/2020/03/04/DptKv68YejglLaW.jpg");
        background-repeat: no-repeat;
        background-position: 50% 0;
        -ms-background-size: cover;
        -o-background-size: cover;
        -moz-background-size: cover;
        -webkit-background-size: cover;
        background-size: cover;
    }
    

    
</style>







</html>
